Q: I know you’ve written previously about the need for both confidentiality and transparency in the boardroom (August 2006; http://www.corestrategies4nonprofits.com/confidentiality.html). In that article you mentioned the value of having a written policy on confidentiality to ensure the appropriate balance. What would you include in such a policy?
A: I see a number of issues that should be addressed. At a minimum, these include:
Board Discussions – If board members are going to feel comfortable about discussing sensitive issues, sharing their thoughts or suggesting something a bit risky, they have to trust that their comments will stay within the boardroom. This means making clear that there is to be no after-meeting quarter-backing in the parking lot and certainly no sharing topics of conversation, financial status or future plans with the community until such a time that the board’s voice is one voice and ready to be shared.
Donors – State how you intend to protect your donors and prospects. Will anonymity be the default assumption unless the individuals request otherwise? Under what conditions will their names be released and to whom will they be released? What other information will be shared – e.g., the terms and amounts of their donations or their potential? Who will have access to their files?
Mailing Lists – What about those on your mailing list? If you intend to rent or sell your lists now or any time in the future are you sharing this fact with those on your list? Are you allowing them to opt out? (For additional considerations, see “Can Donors Expect Privacy,” On Nonprofits, July 2008; http://www.corestrategies4nonprofits.com/donor_privacy.html).
Client Information – Your clients are particularly vulnerable. How do you expect to ensure that service providers, volunteers, receptionists, data-management personnel, even the janitor maintain confidentiality? State clearly what must remain confidential – e.g., the fact that someone is a client of your organization, his/her issue(s) or condition(s), what the client says, what others say about the client, and any personal information kept on file.
Personnel Issues – A lack of confidentiality regarding personnel issues can result in costly court judgments against the organization. You want to be sure to state your commitment to protecting the privacy of the organization’s employees. This is particularly true regarding contracts, compensation, evaluations, disciplinary actions, possible termination, medical conditions, including the use of corporate-sponsored psychological or substance abuse help, and harassment or bias claims.
Legal Issues – Fortunately, litigation is not rampant in the nonprofit sector, but it does happen. You want to be sure that people are not speaking out in the community about potential, pending or current suits against the organization, unless they have been asked to serve as a spokesperson.
Consequences – Be clear about the consequences for ignoring the confidentiality clause.
Based on your mission, your organizational culture and your status in the community you may have other items to add, for instance the security of passwords and access codes or the handling of potential mergers. Of course, what you say about each of these topics is for your board to determine. My hope is that the above questions and thoughts will stimulate important discussion.